ID CVE-2013-1281
Summary The NFS server in Microsoft Windows Server 2008 R2 and R2 SP1 and Server 2012 allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via an attempted renaming of a file or folder located on a read-only share, aka "NULL Dereference Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_server_2008:r2:-:itanium:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:r2:-:itanium:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:-:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:r2:-:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:itanium:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:itanium:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 12-10-2018 - 22:04)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
oval via4
accepted 2014-03-03T04:00:54.187-05:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows Server 2008 R2 x64 Edition is installed
    oval oval:org.mitre.oval:def:6438
  • comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
    oval oval:org.mitre.oval:def:5954
  • comment Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
    oval oval:org.mitre.oval:def:12567
  • comment Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed
    oval oval:org.mitre.oval:def:12583
  • comment Microsoft Windows Server 2012 is installed
    oval oval:org.mitre.oval:def:16359
description The NFS server in Microsoft Windows Server 2008 R2 and R2 SP1 and Server 2012 allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via an attempted renaming of a file or folder located on a read-only share, aka "NULL Dereference Vulnerability."
family windows
id oval:org.mitre.oval:def:16388
status accepted
submitted 2013-02-15T16:41:24
title Microsoft NFS Server Denial Of Service Vulnerability - MS13-014
version 42
refmap via4
cert TA13-043B
ms MS13-014
Last major update 12-10-2018 - 22:04
Published 13-02-2013 - 12:04
Back to Top